System and method for vehicle authorization

ABSTRACT

A system provides a personalized and secure user experience to access a secured asset, such as a vehicle. A first communication is transmitted, and a second communication is received in response to the first communication. An approach vector is determined based on the first communication and the second communication. The approach vector is compared with a known approach vector, a request for authentication is transmitted based on the comparison. A response to the request for authentication is received, and access to an asset is granted based on the approach vector and the response to the request for authentication.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a continuation of U.S. patent application Ser. No.16/075,442, filed Aug. 3, 2018 and entitled “SYSTEM AND METHOD FORVEHICLE AUTHORIZATION,” which is a 371 of PCT Patent Application SerialNo. PCT/US2017/016505, filed Feb. 3, 2017 and entitled “SYSTEM ANDMETHOD FOR VEHICLE AUTHORIZATION,” which claims priority under 35 U.S.C.§ 119(e) to U.S. Provisional Patent Application Ser. No. 62/291,304,filed Feb. 4, 2016 and entitled “SYSTEM AND METHOD FOR VEHICLEAUTHORIZATION.” Each of these applications is incorporated by referencein its entirety herein.

FIELD

The described embodiments relate generally to authorization. Moreparticularly, the embodiments relate to granting access to a securedasset.

BACKGROUND

Vehicles may be accessed and operated using a key or key fob. Typically,the key fob may provide a remote keyless entry system that providesaccess to the vehicle by unlocking the doors and additionalfunctionality such as starting the engine. However, most conventionalkey fobs or keyless entry systems are single factor security systemsthat offer only a low level of security. Moreover, some conventionalremote keyless entry systems are vulnerable to man-in-the-middle attacksand other security issues. For example, the vehicle is unable toidentify the person carrying the key or key fob, so anyone with the keyfob can operate the vehicle. Additionally, a traditional key or key fobis often large and inconvenient to carry, and easily misplaced, and thuscan be stolen. Certain vehicles may provide a valet key that limitsaccess to a storage area of the vehicle, e.g., a glove box or trunk, butotherwise allows full control of the vehicle. In short, a vehicle with akey or a key fob provides rudimentary security and would benefit frommany improvements.

SUMMARY

A system includes a secured asset such as a vehicle with a computingdevice and optional computing devices that communicate with the vehicle.Briefly described, and according to one embodiment, aspects of thepresent disclosure generally relate to systems and methods for grantingaccess to a secured asset using one of an approach vector and a responseto a request for biometric authentication. The secured asset providesmultiple levels of security based on a chain of trust. The chain oftrust may be related to the approach vector and the response to therequest for biometric authentication.

According to one embodiment, a system includes a processor to transmit afirst communication, receive a second communication in response to thefirst communication, determine an approach vector based on the firstcommunication and the second communication, compare the approach vectorwith a known approach vector and transmit a request for authenticationbased on the comparison, receive a response to the request forauthentication, and grant access to an asset based on the approachvector and the response to the request for authentication.

According to a further embodiment, a method includes transmitting, by aprocessor, a first communication, receiving, by the processor, a secondcommunication in response to the first communication, determining, bythe processor, an approach vector based on the first communication andthe second communication, comparing, by the processor, the approachvector with a known approach vector and transmitting a request forauthentication based on the comparison, receiving, by the processor, aresponse to the request for authentication, and granting, by theprocessor, access to an asset based on the approach vector and theresponse to the request for authentication.

According to another embodiment, a non-transitory computer-readablemedium includes instructions stored thereon that, when executed by aprocessor, cause the processor to perform operations includingtransmitting a first communication, receiving a second communication inresponse to the first communication, determining an approach vectorbased on the first communication and the second communication, comparingthe approach vector with a known approach vector and transmitting arequest for authentication based on the comparison, receiving a responseto the request for authentication, and granting access to an asset basedon the approach vector and the response to the request forauthentication.

According to an additional embodiment, a system includes a processor toreceive a first communication, transmit a second communication inresponse to the first communication, receive a notification from thevehicle, the notification comprising a request for authentication basedon a comparison between an approach vector based on the firstcommunication and the second communication and a known approach vector,transmit a response to the request for authentication, and receiveaccess to an asset based on the approach vector and the response to therequest for authentication.

These and other aspects, features, and benefits of the presentdisclosure will become apparent from the following detailed writtendescription of the preferred embodiments and aspects taken inconjunction with the following drawings, although variations andmodifications thereto may be effected without departing from the spiritand scope of the novel concepts of the disclosure.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings illustrate embodiments and/or aspects of thedisclosure and, together with the written description, serve to explainthe principles of the disclosure. Wherever possible, the same referencenumbers are used throughout the drawings to refer to the same or likeelements of an embodiment, and wherein:

FIG. 1A illustrates a block diagram of a system according to an exampleembodiment.

FIG. 1B illustrates another block diagram of the system according to anexample embodiment.

FIG. 2 illustrates a block diagram of a vehicle according to an exampleembodiment.

FIG. 3 illustrates a block diagram of a mobile computing deviceaccording to an example embodiment.

FIG. 4 illustrates a flowchart for granting access to a vehicleaccording to an example embodiment.

FIG. 5 illustrates a functional block diagram of an electronic deviceassociated with the vehicle including operational units arranged toperform various operations of the presently disclosed technology.

FIG. 6 is an example computing system that may implement various systemsand methods of the presently disclosed technology.

DETAILED DESCRIPTION

According to an example embodiment, a vehicle and/or a mobile deviceprovides a personalized and secure user experience that is akin to achauffeured vehicle experience. The system may automatically unlock adoor, automatically open the door, personalize vehicle interiorsettings, and provide extensive security for known occupants of thevehicle. Unlike conventional systems, the present disclosure describes asystem with redundancies, confirmations, and personalization features toaccess and use the vehicle, among other things.

Many people carry mobile computing devices on their person includingcellular telephones (e.g., smart phones), wearable devices, laptopcomputers, and other devices. These mobile computing devices includewireless connectivity and may communicate with other computing devicesincluding a computing device associated with an asset such as a vehicle.In one embodiment, the mobile computing device and the vehicle or asystem associated with the vehicle, may communicate using ultra-widebandhardware devices. The vehicle may send a first communication, or firstsignal, to the mobile computing device. The first signal may be an RFsignal. The mobile computing device may receive the first communicationand send a second communication, or second signal, to the vehicle. Thesecond signal may be an RF signal. If a person is carrying a mobilecomputing device and comes within a particular proximity of the vehiclewhile traveling toward the vehicle (or system) at a particular angle (ora range of angles) relative to the vehicle, the vehicle may unlock andallow access to the vehicle. While discussed in the context of avehicle, the system may also be useful for building access, storageaccess, or any other access to a secured space. The vehicle mayaccomplish these functions when the vehicle is stationary and parked andthe mobile computing device approaches the vehicle and/or when thevehicle is moving and the mobile computing device approaches thevehicle.

As an example, the vehicle may be parked and the mobile computing devicemay be held by a person approaching the vehicle. As another example, thevehicle may be moving toward a passenger carrying the mobile computingdevice while the passenger is also moving toward the vehicle or whilethe passenger is stationary. In certain instances, the vehicle mayautonomously travel to a location associated with the mobile computingdevice based on a communication received from the mobile computingdevice. The vehicle may automatically stop at the location associatedwith the mobile computing device and grant an occupant carrying themobile computing device access to the vehicle, and/or provide varioussettings customized for the user.

In an embodiment, amongst other functions the vehicle and/or the mobilecomputing device may obtain biometric attributes of a person oroccupant, and compare those biometric attributes with stored biometricattributes, using sensors and/or cameras or other imaging devices. Thebiometric attributes may be stored in memory of the mobile computingdevice and/or memory of the vehicle. The biometric attributes may beobtained and authenticated when the occupant approaches the vehicle. Forexample, the vehicle may determine that the known mobile computingdevice is within a particular proximity of the vehicle and at aparticular angle based on an approach vector. Based on the approachvector, the vehicle may unlock and allow access, and/or when a personhas authenticated biometric attributes, such as after having beenprompted by an application on the mobile computing device, the vehiclemay unlock and allow access to the vehicle. The vehicle may unlock andallow access when the mobile computing device is within a particulardistance/angle of the vehicle. In addition, the vehicle may illuminatelights when the mobile computing device is within the particulardistance/angle of the vehicle. In other cases, the vehicle may provideother welcome functions when the mobile computing device is within theparticular distance/angle of the vehicle. As an example, the vehicleand/or the mobile computing device may provide audible greeting sounds(e.g., chimes, chirps and/or horn sounds) and may greet a particularoccupant by name as the particular occupant enters or approaches thevehicle. In such instances, the vehicle may also accept a request, andprocess voice commands. For example, a user may state “vehicle pleaseturn on the heat” and upon recognition of the command, activate theheater.

In another embodiment, the vehicle may determine when the mobilecomputing device is physically located within the vehicle. In certaininstances, the vehicle or another computing device may determine whenthe vehicle enters a particular geofence or location zone and the mobilecomputing device is physically located within the vehicle. When thevehicle and the mobile computing device are associated with the locationzone, the vehicle and/or the mobile computing device may be used to makepurchases. The vehicle and/or the mobile computing device may be parkedwithin a location zone that is associated with a coffee shop and a usermay purchase a coffee. The vehicle and/or the mobile computing devicemay be parked within a location zone that is associated with a fuelingstation and a user may purchase fuel or electricity, among other things.In one example, the vehicle may determine a location of the vehicle,determine that the location of the vehicle is within the location zone,determine that the mobile computing device is within the vehicle,transmit a request for biometric authentication for payment to themobile computing device, and receive a response to the request forbiometric authentication for payment from the mobile computing device. Aparticular geofence may represent a virtual perimeter associated with adefined set of real-world geographic boundaries.

In an additional embodiment, the vehicle may determine a location of thevehicle, determine that the location of the vehicle is within aparticular location zone, receive a communication from a hardware devicephysically located within the particular zone, determine that the mobilecomputing device is within the vehicle, transmit a request for biometricauthentication for payment to the mobile computing device, and receive aresponse to the request for biometric authentication for payment fromthe mobile computing device. The vehicle may determine a payment vectorbased on the communication from the hardware device physically locatedwithin the particular zone, and transmit a representation of the paymentvector and the response to the request for biometric authentication forpayment to a server computing device for processing a transactionassociated with the payment.

In a further embodiment, the vehicle may determine that the mobilecomputing device is within the vehicle or a particular distance/anglefrom the vehicle and set vehicle personal preferences. According to anexample embodiment, the vehicle personal preferences may be associatedwith seating position, seat heating, seat cooling, steering wheelheating/cooling, and localized climate controls. If the vehicle includesan internal display for a particular seat, the internal display maytransition to playing or providing the option to play media provided bya mobile computing device associated with a particular person sitting inthe particular seat. The selected or played media may be based onfavorite information associated with the mobile computing device (e.g.,favorite music or other audio) and/or history information associatedwith the mobile computing device. The vehicle may maintain wirelessand/or wired connections to the mobile computing device and presentcontrols appropriately to the particular person. The display may presentappropriate media player choices and a user interface by which mediaand/or media player choices are selected. The display also may presentappropriate contact information associated with a contact list (e.g.,telephone numbers) provided by the mobile computing device. The vehiclemay include speakers associated with the particular seat and/or aheadphone jack or a Bluetooth® or other wireless option to connect withthe mobile computing device.

The vehicle personal preferences also may be associated with navigationlocations (e.g., favorite locations or most recent locations),navigation settings, energy usage settings, autonomous functionalitysettings, security settings, other climate control settings, otherentertainment settings, other seat settings, and other settingsgenerally.

Users can benefit from use of vehicle personal preferences and personaldata provided by the mobile computing device when operating the vehicle.For example, the personal data can be used to provide the vehicle withlocation zones, media, contact list, navigation locations, navigationsettings, energy usage settings, autonomous functionality settings,security settings, other climate control settings, other entertainmentsettings, seat settings, among others. Accordingly, use of such personaldata enables users to influence and control delivered content, andvehicle operation, among other things.

Users can selectively block use of, or access to, personal data. Asystem incorporating some or all of the technologies described hereincan include hardware and/or software that prevents or blocks access tosuch personal data. For example, the system can allow users to “opt in”or “opt out” of participation in the collection of personal data orportions thereof. Also, users can select not to provide locationinformation, or permit provision of general location information (e.g.,a geographic region or zone), but not precise location information.

Entities responsible for the collection, analysis, disclosure, transfer,storage, or other use of such personal data should comply withestablished privacy policies and/or practices. Such entities shouldsafeguard and secure access to such personal data and ensure that otherswith access to the personal data also comply. Such entities shouldimplement privacy policies and practices that meet or exceed industry orgovernmental requirements for maintaining the privacy and security ofpersonal data. For example, an entity should collect users' personaldata for legitimate and reasonable uses, and not share or sell the dataoutside of those legitimate uses. Such collection should occur onlyafter receiving the users' informed consent. Furthermore, third partiescan evaluate these entities to certify their adherence to establishedprivacy policies and practices.

According to exemplary embodiments, the vehicle or other computingdevice may use both the approach vector of the mobile computing deviceand biometric information to grant access, among other security factorsand privilege mechanisms. The vehicle does not place a significantburden on the user and offers significant security enhancements andconveniences.

These and other embodiments are discussed below with reference to FIGS.1A-6. However, those skilled in the art will readily appreciate that thedetailed description given herein with respect to these Figures is forexplanatory purposes only and should not be construed as limiting.

FIG. 1A illustrates a block diagram of a system 100 according to anexample embodiment. The system 100 includes a secured asset such as avehicle 102 having a processor 103 and wireless hardware devices 105 incommunication with a mobile computing device 104 having a processor 107,sensors 109, and wireless hardware devices 111. The vehicle 102 may be amachine that transports people and/or cargo including a terrestrialmotor vehicle, a watercraft, and an aircraft, among other vehicles. Thevehicle 102 may include an engine or motor such as an internalcombustion engine, an electric motor, or a hybrid configuration. Inother embodiments, the mobile computing device 104 also may be incommunication with something other than a vehicle such as a differentcomputing device.

Alternatively, the secured asset may be a building or a section of abuilding, among other areas. The secured asset may be a locked computingdevice, a locked storage container or device, or another secured space.

The vehicle 102 and the mobile computing device 104 may communicate invarious ways or combinations thereof. When in relative close proximity,the vehicle 102 and the mobile computing device 104 may useultra-wideband (UWB), Bluetooth®, WiFi, or other such short rangewireless methods. In an exemplary embodiment, the vehicle 102 and themobile computing device 104 may communicate when they are located withina particular distance, e.g., three hundred meters of one another. Theymay communicate using a wireless device 105, 111 with position anddistance capability, for example, a UWB hardware device.

In an exemplary embodiment, the vehicle 102 and the mobile computingdevice 104 include ultra-wideband functionality and communicate usingultra-wideband communications. The vehicle 102 may transmit a firstcommunication at a first time at a first location using a first wirelesshardware device 105 and/or another hardware device. The first hardwaredevice 105 may be one of a UWB hardware device, a Bluetooth® hardwaredevice, a WiFi hardware device, and others. In one example, the firstcommunication is a first RF signal. In another example, the firstcommunication may be a first packet. The first hardware device 105 maybe located in, on, or near the vehicle 102. The vehicle 102 may receivea second communication at a second time after the first time in responseto the first communication. The second communication may be from asecond wireless hardware device 111 and/or another hardware device. Thesecond hardware device 111 may be one of a UWB hardware device, aBluetooth® hardware device, a WiFi hardware device, and others, andtransmitted by the mobile computing device 104 at a second location. Inone example, the second communication is a second RF signal. In anotherexample, the second communication may be a second packet. Using thefirst communication and the second communication, the vehicle determinesan approach vector for the mobile computing device 104 in relation tothe vehicle. Using the first communication and the second communication,the vehicle may determine time distance of arrival (TDoA) and phasedifference of arrival (PDoA). The vehicle may use a combination ofsignal strength and PDoA from a Bluetooth LE hardware device in a firstlow power pass and switch to a higher power UWB hardware device in asecond pass to improve accuracy.

In another example, the first hardware device 105 may be a 60 GHzhardware device (e.g., WiGig or IEEE 802.11ad) and the second hardwaredevice 111 may be a 60 GHz hardware device (e.g., WiGig or IEEE802.11ad).

Either the vehicle 102 or the mobile computing device 104 can initiatethe first communication, while the vehicle 102 or the mobile computingdevice 104 can respond to the first communication with the secondcommunication.

The vehicle 102 or mobile computing device 104 that transmitted thefirst communication may record the time of transmission of the firstcommunication and the time that it received the second communication anddetermine the time lapse between the recorded time of the firstcommunication and the second communication. Based on the time lapse andthe known speed of light, the vehicle 102 or the mobile computing device104 may determine the range to the vehicle 102 or the mobile computingdevice 104. In certain instances, time corrections may be made toaccount for signal delays, e.g., the time for the receiving device toreceive the first communication and then transmit its own secondcommunication in response, the time that the first device calculates therange, and so on. A predetermined delay may be subtracted from thecalculated time lapse. In one example, a range calculation may be basedon the following equation: d=c/2*(time lapse−time offset), where d isequal to a range or distance of the devices, c is equal to the speed oflight, the time lapse is equal to the time of transmission of an RFsignal at a first device and the time of receipt of a return RF signalfrom a second device, and the time offset is equal to a time accountingfor system delays. Another example range calculation may be equal tod=c*(time lapse−time offset). This equation may be used when the firstdevice emits a signal and the second device receives the signal, in aone-way trip implementation. The range calculations may be affected byorientation of the devices. As an example, the vehicle 102 and/or themobile computing device 104 may be oriented in a particular way when therange is being calculated. The vehicle 102 and the mobile computingdevice 104 may use orientation data to calculate the range.

The approach vector may indicate that a person carrying the mobilecomputing device 104 intends to obtain access to the vehicle 102 andprovide contextual awareness to the user experience associated with thevehicle. The approach vector may indicate a velocity of the mobilecomputing device 104 and may be used to determine a rate at which themobile computing device 104 is changing its position. The velocity mayindicate a speed and a direction of the mobile computing device 104. Theperson intending to obtain access to the vehicle may typically approachthe vehicle 102, when intending to enter, within a limited range ofapproach angles and speeds. As an example, the person carrying themobile computing device 104 may be taking a unique approach path to thevehicle 102 that is unknown or unexpected to the vehicle. If there issomething about the approach vector that is unknown, unexpected, orunique, then the vehicle 102 may request additional secondaryauthentication from the mobile computing device 104. Over time, usingmachine learning, the vehicle 102 may determine known, expected, andusual approach vectors for the person carrying the mobile computingdevice 104 and use the known, expected, and usual approach vectors togrant access to the vehicle 102.

Additionally, in certain locations and/or situations, even if theapproach vector is known or expected, the vehicle 102 may requestadditional secondary authentication. As an example, additional secondaryauthentication may not be requested when the vehicle 102 is located at afavorite location such as home or work. However, if the vehicle 102 islocated in an unknown parking garage in an unfamiliar city, then thevehicle may request additional secondary authentication even if theapproach vector is known. The vehicle 102 provides multiple levels ofsecurity based on a chain of trust. The chain of trust may be related tothe approach vector, the response to the request for biometricauthentication sent from the mobile computing device 104, the locationof the vehicle 102, and other factors. The user also may set variouslevels of security.

In one embodiment, the first wireless hardware device 105 and the secondwireless hardware device 111 may communicate with one another to allowthe vehicle 102 to determine time of flight (TOF) or time of arrival(TOA) and angle of arrival (AOA) for the mobile computing device 104.The amount of time it takes for an electromagnetic wave to propagateover the air from the first wireless hardware device to the secondwireless hardware device may be referred to as time of flight. Time offlight is proportional to distance. Thus, time of flight informationand/or angle of arrival may be gathered to estimate relative locationsof the first wireless hardware device and the second wireless hardwaredevice. Additionally, the time of flight information may be gathered incombination with other positioning metrics such as angle of arrival.Other positioning metrics may include time difference of arrival (TDOA),received signal strength indication (RSSI), and near fieldelectromagnetic ranging (NFER).

The vehicle 102 may determine the time of flight and angle of arrivalusing phase difference of arrival and time. Using the first wirelesshardware device 105, the vehicle 102 may determine in realtime the angleand distance of the mobile computing device 104 and determine when themobile computing device 104 arrives at the vehicle 102. The wirelesshardware device 105 may be a single chip UWB IEEE802.15.4-2011 compliantwireless transceiver that allows the determination of a location of anobject to a precision of ten centimeters and an angle of ten minutesindoors and/or outdoors. The UWB hardware device may be immune tomultipath fading and allow for reliable communications in a variety ofenvironments. This can provide advantages over Wi-Fi, Bluetooth, andothers, although embodiments of the disclosure can use various differentwireless technologies.

At longer ranges, the vehicle 102 and the mobile computing device 104may communicate using a cellular communications network or anothercommunications network. Accordingly, communication may involve theInternet, an intranet, a cellular communications network, a WiFinetwork, a packet network, a short-range wireless network, or anotherwired and/or wireless communication network or a combination of any ofthe foregoing. As an example, the vehicle 102 and the mobile computingdevice 104 communicates data in packets, messages, or othercommunications using a common protocol, e.g., Hypertext TransferProtocol (HTTP) and/or Hypertext Transfer Protocol Secure (HTTPS). Thevehicle 102 and/or the mobile computing device 104 may communicate withother optional server computing devices associated with the system 100.

The vehicle 102 and/or the mobile computing device 104 may alsooptionally include Bluetooth® Low Energy (BLE, Bluetooth® LE, Bluetooth®Smart) functionality based on the Bluetooth 4.0 specification or anotherspecification. In addition, the vehicle 102 may include a beacon.According to an example embodiment, the vehicle 102 and the mobilecomputing device 104 are paired and communicate wirelessly using a shortrange wireless network, e.g., Bluetooth® (IEEE Standard 802.15). Theshort range wireless network may be a wireless personal area network(WPAN).

In another example, the vehicle 102 may optionally create a personalarea network and/or a mesh network for communicating with the mobilecomputing device 104. Additionally, the vehicle 102 and the clientcomputing device 104 may communicate using Zigbee®, Wi-Fi, near fieldmagnetic inductance, sonic (sound) waves, ultrasound waves, and/orinfrared (light) waves, among others. While ultrasound is a line ofsight technology and has a more limited range, UWB uses radiofrequencypulses and has high gain. This allows UWB hardware to penetrate throughwalls and obstacles and provide highly precise ranging. Additionally,UWB uses very short pulses for radio transmission providing low energyconsumption and enables the use of battery-operated computing devices.

FIG. 1B illustrates another block diagram of the system 100 according toan example embodiment. As shown in FIG. 1B, the vehicle 102 includes twowireless hardware devices 105 including a first wireless hardware device105 in a front portion of the vehicle and a second wireless hardwaredevice 105 in a rear portion of the vehicle. The first wireless hardwaredevice 105 and the second wireless hardware device 105 may receivecommunications from a wireless hardware device 111 of a mobile computingdevice 104 at slightly different times, such that the time differencescan be used to determine the relative distance and angle of the mobilecomputing device at any particular time. The vehicle 102 may haveadditional wireless hardware devices or fewer wireless hardware devices.The mobile computing device 104 may have additional wireless hardwaredevices. In this embodiment, the vehicle 102 measures angles of arrivalof the wireless radio signals and performs triangulation in order todetermine sources of the signals, e.g., the first wireless hardwaredevice 105 in the first portion of the vehicle receives radio signalsfrom the mobile computing device 104 and the second wireless hardwaredevice 105 in the rear portion of the vehicle receives radio signalsfrom the mobile computing device 104. Using triangulation, the vehicle102 may determine the approach vector of the mobile computing device104. Angles may be determined based on differences in the times ofarrival of the signals. Using the angles, the position of the mobilecomputing device 104 may be determined.

As shown in FIG. 1B, the vehicle 102 is parked and stationary in aparking spot. A first mobile computing device 104 is located on a leftside of FIG. 1B and is in the process of approaching the vehicle alongan approach vector 106 represented with a solid thick line. At aparticular point in time, the first mobile computing device is aparticular distance from the vehicle and at a particular angle, θ. Thefirst mobile computing device 104 moves from a first point 110 to asecond point 120 as indicated by the dotted representation of the firstmobile computing device 104. FIG. 1B also shows a change in the angle ofarrival of the first mobile computing device 104 from a first angle 130to a second angle 140 as it approaches the vehicle. A second mobilecomputing device 104 is located on a right side of FIG. 1B and is in theprocess of traveling along an approach vector 108 parallel to thevehicle and away from the vehicle. At this particular point in time, thesecond mobile computing device is a particular distance from the vehicleand at a particular angle, θ. The second mobile computing device 104moves from a first point 150 to a second point 160 as indicated by thedotted representation of the second mobile computing device 104. FIG. 1Balso shows a change in the angle of arrival of the second mobilecomputing device 104 from a first angle 170 to a second angle 180 as ittravels along the approach vector parallel to the vehicle and away fromthe vehicle.

In one example, the first computing device 104 may have traveled acrossthe street toward a driver side or left side of the vehicle. The secondcomputing device 104 may be traveling along a sidewalk parallel to theparked vehicle. The wireless hardware devices 105 of the vehicle 102continually communicate with the wireless hardware device 111 of thefirst mobile computing device 104 and the second mobile computing device104. The vehicle 102 may compare the approach vector of the first mobilecomputing device 104 with known approach vectors and determine that thisis a known approach vector using time of flight and angle of arrival.Based on the location of the vehicle 102, the vehicle may grant accessto the vehicle. The vehicle 102 may unlock doors and extend welcomefunctions including external lighting, internal lighting, cabinconfiguration, cabin control, and other welcome functions. The doors mayinclude front doors, rear doors, frunk doors, trunk doors, and storagedoors. One of the front doors may be a driver door. Other doors may bepassenger doors.

The vehicle 102 also may compare the approach vector of the secondmobile computing device 104 with known approach vectors and determinethat this is not a known approach vector using time of flight and angleof arrival. If the second mobile computing device 104 is a knowncomputing device, then the vehicle 102 may request additional secondaryauthentication from the second mobile computing device 104 and send anotification to the second mobile computing device 104. If the secondmobile computing device is an unknown computing device, then the vehiclemay not send a notification to the second mobile computing device torequest additional secondary authentication. When a mobile computingdevice 104 is first used to access the vehicle 102, the vehicle 102 mayregister the mobile computing device 104 and store an identificationthat represents the mobile computing device 104. In the future, whenthis mobile computing device 104 is used to access the vehicle 102, themobile computing device 104 will be a known mobile computing device 104.

FIGS. 1A, 1B, and 2 illustrate a block diagram of the vehicle 102according to an example embodiment. The vehicle 102 may include acomputer having hardware components including a processor 202 and memory204, such as a vehicle onboard computer or a dedicated electronic devicehaving a processor and memory. The processor 202 processesmachine/computer-readable executable instructions and data, and thememory 204 stores machine/computer-readable executable instructions anddata including applications, including a vehicle authorizationapplication 206. The processor 202 and memory 204 are hardware. Theprocessor 202 may be a hardware processing unit. In one embodiment, theprocessor 202 includes a secure enclave processor (SEP). The SEP storesand protects information used for identifying known mobile computingdevices, biometric information, and approach vector information, amongother information. The memory 204 includes random access memory (RAM)and non-transitory memory, e.g., a non-transitory computer-readablestorage medium such as flash storages or hard drives. The non-transitorymemory may include any tangible computer-readable medium including, forexample, magnetic and/or optical disks, flash drives, and the like.

The vehicle 102 further can include touch screen display devices 208,such as a liquid-crystal display (LCD) for receiving input anddisplaying output, sensors 210, cameras or imaging devices 212, a globalpositioning system (GPS) device 214, wireless hardware devices 216, anda communication bus 218. The vehicle 102 may include other wirelesscommunication devices for communicating including a wirelesstransceiver, a cellular transceiver, a Bluetooth transceiver, andothers. The wireless hardware devices 216 may be UWB hardware devices.

The touch screen display devices 208 may be located on an exterior ofthe vehicle and/or an interior of the vehicle for receiving input anddisplaying output including passwords. For example, the touch screendisplay devices 208 may be located on or within a window or on anexterior of the vehicle. The sensors 210 and the imaging devices 212 maybe used for biometric identification and authentication. The sensors 210may be located on the exterior of the vehicle and/or the interior of thevehicle and include fingerprint sensors, iris recognition devices, eyevein verification devices, microphones, seat pressure sensors, load orweight sensors (e.g., a strain gauge), pressure sensors, andelectrocardiogram (ECG) sensors, among others. The sensors 210 may becoupled with the processor 202 for obtaining biometric information.

The imaging devices 212 may be coupled with the processor 202 for facialrecognition. The imaging devices 212 include high-definition cameras andmay be used to determine two-dimensional images and/or three-dimensionalimages including a two-dimensional image of a face or athree-dimensional image of a face, a height of a person, a body shape ofa person, or a gait of a person. The imaging devices 212 may be locatedon an exterior of the vehicle and/or an interior of the vehicle. In oneexample, each seat within the vehicle may include imaging devices tocapture a face of a passenger sitting in that particular seat. The touchscreen display devices 208 and/or the imaging devices 212 may be used toreceive gestures. The microphones may be used to receive verbalpassphrases.

The global positioning system device 214 may receive GPS signals andthereby determine a current location of the vehicle 102. The wirelesshardware devices 216 may include one first wireless hardware devicelocated in a front portion of the vehicle 102 and one second wirelesshardware device located in a rear portion of the vehicle 102. However,the wireless hardware devices 216 may be arranged in other ways.

FIGS. 1A, 1B, and 3 illustrate a block diagram of the mobile computingdevice 104 according to an example embodiment. The mobile computingdevice 104 may be a computer having a processor 302 and memory 304, suchas a laptop, desktop, tablet computer, mobile computing device (e.g., asmartphone), a wearable device (e.g., a watch), or a dedicatedelectronic device having a processor and memory. The processor 302processes machine/computer-readable executable instructions and data,and the memory 304 stores machine/computer-readable executableinstructions and data including applications, including a computingdevice authorization application 306. The processor 302 and memory 304are hardware. The processor 302 may be a hardware processing unit. Inone embodiment, the processor 302 includes a secure enclave processor(SEP). The SEP stores and protects biometric information and approachvector information, among other information. The memory 304 includesrandom access memory (RAM) and non-transitory memory, e.g., anon-transitory computer-readable storage medium such as flash storagesor hard drives. The non-transitory memory may include any tangiblecomputer-readable medium including, for example, magnetic and/or opticaldisks, flash drives, and the like.

The mobile computing device 104 further includes a touch screen displaydevice 308 such as a liquid-crystal display (LCD) to receive input anddisplay output, sensors 310 such as an ambient light sensor, anaccelerometer, a gyroscopic sensor, microphones, a magnetometer, abarometer, and a fingerprint sensor, cameras or imaging devices 312, aGPS device 314, wireless hardware devices 316, and a communication bus318. The mobile computing device 104 may include other wirelesscommunication devices for communicating including a wirelesstransceiver, a cellular transceiver, a Bluetooth transceiver, andothers. The wireless hardware devices 316 may be UWB hardware devices.

The touch screen display device 308 receives input and displays output.The sensors 310 and the imaging devices 312 may be used for biometricidentification and authentication. The sensors 310 may be coupled withthe processor 302 for obtaining biometric information. The imagingdevices 312 may include high-definition cameras and may be used todetermine two-dimensional images and/or three-dimensional imagesincluding a two-dimensional image of a face or a three-dimensional imageof a face, a height of a person, a body shape of a person, or a gait ofa person. The touch screen display device 308 and/or the imaging devices312 may be used to receive gestures. The microphones may be used toreceive verbal passphrases. The global positioning system device 314 maycontinually determine a current location of the mobile computing device104.

The wireless hardware devices 316 communicate with the wireless hardwaredevices 216. In one example, the wireless hardware device 216 sends afirst communication to the wireless hardware device 316 and the wirelesshardware device 316 sends a second communication back to the wirelesshardware device 216. The vehicle 102 uses the first communicationincluding the location of the origin of the first communication, thesecond communication including the location of the origin of the secondcommunication, and a time difference between the first communication andthe second communication to determine the approach vector and comparethe approach vector with known approach vectors stored with the approachvector information in memory 204, memory 304, and/or memory of the SEPin the vehicle and the mobile computing device. If the approach vectoris a known approach vector, the vehicle 102 may grant access. Otherwise,the vehicle 102 may request biometric authentication information fromthe mobile computing device 104, and compare a response to the requestfor biometric authentication information with known biometricauthentication information. In certain instances, even if the approachvector is a known approach vector, based on a location of the vehicle102, the vehicle may request biometric authentication information. Thelocation of the vehicle 102 may be associated with high crime and/or maybe unknown to the vehicle 102 or the mobile computing device 104. Basedon the approach vector and the response to the request for biometricauthentication information, the vehicle 102 may grant access.

The computing device authorization application 306 may be a component ofan application and/or service executable by the mobile computing device104. For example, the computing device authentication application 306may be a single unit of deployable executable code. According to oneaspect, the computing device authentication application 306 may be a webapplication, a native application, and/or a mobile application (e.g., anapp) downloaded from a digital distribution application platform thatallows users to browse and download applications developed with mobilesoftware development kits (SDKs).

As an example, the vehicle 102 may receive a communication from a knownmobile computing device 104, determine, by sensors 210 and/or sensors310, biometric information associated with a known occupant, grantaccess to the vehicle 102, and set vehicle personal preferences based onthe communication and the biometric information. The biometricinformation may be a fingerprint and/or another type of biometricinformation.

In one example, when the mobile computing device 104 is within wirelesscommunication range of the vehicle 102, the vehicle 102 transmits thecommunication to the mobile computing device 104. The mobile computingdevice 104 responds to the communication. Based on the approach vectorof the mobile computing device 104 and biometric authenticationinformation, the vehicle 102 may unlock one or more doors and extendwelcome functions including external lighting, internal lighting, cabinconfiguration, and other welcome functions. As an example, the vehicle102 may greet a particular occupant by name: “Hello James.” The vehiclemay unlock the doors including front doors, rear doors, and other doorssuch as a trunk door and provide welcome functions such as an audiblechime when the mobile computing device is a particular distance from thevehicle, e.g., one meter. The particular distance may be modified andmay be based on a particular location of the vehicle 102.

In another example, a person may touch a door handle or door of thevehicle 102 to provide the biometric authentication information. Thedoor handle or the door may have a fingerprint sensor and/or othersensors for obtaining a fingerprint and/or other signals. The vehicle102 may then compare the biometric information associated with theperson with biometric attributes stored in memory 204 of the vehicle 102and/or memory 304 the mobile computing device 104. Based on the approachvector and/or the biometric authentication information, the vehicle 102may unlock doors and may extend welcome functions. The person may enterthe vehicle 102 and sit in a driver seat or a passenger seat. At thispoint, the vehicle 102 may use UWB, WiFi, Bluetooth, and/or others todetermine that the mobile computing device 104 is located within aninterior of the vehicle.

In an additional example, the vehicle 102 may include secure storageareas, e.g., a glove compartment or a vehicle safe. The vehicle 102 maydetermine whether the mobile computing device 104 is located within theinterior of the vehicle 102 and/or whether a person is located withinthe interior of the vehicle 102 and allow access to the secure storageareas. After the mobile computing device 104 and/or the person exits thevehicle 102 and a particular period of time elapses, the vehicle 102 mayautomatically lock doors and/or the secure storage areas.

In another embodiment, the vehicle 102 may determine when the mobilecomputing device 104 is physically located within the vehicle using thewireless hardware device 216 and the wireless hardware device 316. Whenthe mobile computing device 104 is physically located in the vehicle102, the vehicle 102 may block or ignore communications from otherunknown or non-authenticated computing devices outside of the vehicle.While the mobile computing device 104 is located inside the vehicle 102and the wireless hardware device 216 is sending communications to thewireless hardware device 316 and receiving communications in response,the vehicle may not be controlled by computing devices outside of thevehicle 102.

In certain instances, the vehicle 102 or another computing device maydetermine when the vehicle 102 enters a particular geofence or locationzone and the mobile computing device 104 is physically located withinthe vehicle 102. The particular geofence may represent a virtualperimeter associated with a defined set of real-world geographicboundaries. The particular geofence may be associated with a particularmerchant and may include a parking space, a parking lot, adrive-through, and/or another physical location associated with theparticular merchant. The particular geofence may have a region that isbased on a radius from the particular merchant and may be set by themerchant, e.g., 500 feet from the merchant. As an example, the othercomputing device may be associated with the particular merchant. Themerchant may provide one of fuel, electricity, parking, food, media, andother services or goods. The other services or goods may include anaudio tour guide, map, or app (application) for a particular venueprovided by the vehicle 102 and/or the mobile computing device 104. Inone example, the particular venue may be a zoo, a stadium, a musicvenue, a museum, or another venue.

When the vehicle 102 and the mobile computing device 104 are associatedwith the location zone, the vehicle 102 and/or the mobile computingdevice 104 may be used to make purchases at or with the merchant. In oneexample, the vehicle 102 may determine a location of the vehicle,determine that the location of the vehicle is within the location zoneassociated with the merchant, determine that the mobile computing device104 is within the vehicle 102, transmit a request for biometricauthentication for payment to the mobile computing device 104, andreceive a response to the request for biometric authentication forpayment from the mobile computing device 104. The response may be arepresentation of a fingerprint and/or an authentication of afingerprint. The vehicle 102 and/or the mobile computing device 104 mayreceive a notification that requests the secondary authentication. Thenotification may be displayed on touch screen 208 and/or touch screen308. A user may place a finger on a fingerprint sensor of the mobilecomputing device 104 and the mobile computing device 104 may authorizethe user and transmit the representation of the fingerprint to thevehicle 102. In one example, if the mobile computing device 104 ispaired with a watch or another wearable device and communicating usingBluetooth or another communication protocol and the watch is on a wristof a known occupant, the mobile computing device 104 may automaticallytransmit a representation of the biometric information and thenotification may not be displayed on the touch screen 308. In thatinstance, when the watch is first placed on the wrist, the mobilecomputing device 104 may display the notification on the touch screen308 requesting that the user place their finger on the fingerprintsensor. As a result, when wearing the watch and the watch is incommunication with the mobile computing device 104, a user may not haveto place their finger on the fingerprint sensor of the mobile computingdevice 104.

For example, an occupant of the vehicle 102 may pre-order a coffee usingthe vehicle 102 and/or the mobile computing device 104 and arrive at thelocation zone. The merchant may be notified when the vehicle 102 arrivesat the location zone. The vehicle 102 and/or the mobile computing device104 may receive a notification that requests the secondaryauthentication. The merchant may send the request for biometricauthentication for payment, the vehicle 102 may receive the response tothe request for biometric authentication for payment from the mobilecomputing device, and the merchant may deliver the coffee to theoccupant of the vehicle 102.

In an additional example, an occupant of the vehicle 102 may pre-ordergroceries or other retail goods using the vehicle 102 and/or the mobilecomputing device 104 and arrive at the location zone. The merchant maybe notified when the vehicle 102 arrives at the location zone. Thevehicle 102 and/or the mobile computing device 104 may receive anotification that requests the secondary authentication. The merchantmay send the request for biometric authentication for payment, thevehicle 102 may receive the response to the request for biometricauthentication for payment from the mobile computing device, and themerchant may deliver the groceries or other retail goods to the occupantof the vehicle 102.

In another example, an occupant of the vehicle 102 may arrive at afuel/electric station using the vehicle. The station may have anassociated location zone and the merchant may be notified when thevehicle 102 arrives at the location zone. The vehicle 102 may transmit arequest for biometric authentication for payment to the mobile computingdevice 104. The vehicle 102 and/or the mobile computing device 104 mayreceive a notification that requests the secondary authentication. Whileinside the vehicle, the occupant may use the mobile computing device 104and provide fingerprint information to a sensor 310 of the mobilecomputing device. The vehicle 102 receives the response to the requestfor biometric authentication for payment including the fingerprintinformation. The occupant of the vehicle pays for the fuel/electricityat the station using the vehicle 102 and/or the mobile computing device104 without leaving the vehicle 102.

In an even further example, an occupant of the vehicle 102 may create alocation zone to exchange payment or receive payment from anotheroccupant of a different vehicle or a user of a mobile computing device104. The occupant may create the location zone based on the location ofthe vehicle 102 or the mobile computing device 104. As an example, whenthe vehicle 102 and/or the mobile computing device 104 enter the zone,the vehicle 102 and/or the mobile computing device 104 may requestsecondary authentication regarding the payment and receive a response tothe request and process the payment. The vehicle 102 and/or the mobilecomputing device 104 may receive a notification that requests thesecondary authentication. The response to the request may be arepresentation of a fingerprint and/or an authentication of afingerprint.

In an additional embodiment, the vehicle 102 may determine a location ofthe vehicle, determine that the location of the vehicle is within aparticular location zone, receive a communication from a third wirelesshardware device physically located within the particular zone, determinethat the mobile computing device 104 is within the vehicle, transmit arequest for biometric authentication for payment to the mobile computingdevice 104, and receive a response to the request for biometricauthentication for payment from the mobile computing device. Theresponse may be a representation of a fingerprint and/or anauthentication of a fingerprint. The vehicle 102 may receive thecommunication from the hardware device physically located within theparticular zone and may determine a payment vector. The hardware devicephysically located within the particular zone may use the payment vectorto process and authorize the payment based on the location, distance,range, and/or angle of the vehicle 102 from the hardware devicephysically located within the particular zone. The payment vector mayindicate a velocity of the vehicle 102 and may be used to determine arate at which the vehicle 102 is changing its position. The velocity mayindicate a speed and a direction of the vehicle 102. The vehicle 102,when approaching the hardware device physically located within theparticular zone, may approach within a limited range of angles andspeeds. Over time, using machine learning, the hardware devicephysically located within the particular zone may determine known,expected, and usual payment vectors and use the known, expected, andusual payment vectors to process and authorize payments.

As an example, the vehicle 102 may enter a drive through associated withthe merchant and pull up to a window having a point of sale computingdevice with the hardware device. The hardware device or the vehicle 102may transmit a representation of the payment vector and the response tothe request for biometric authentication for payment to a servercomputing device for processing a transaction associated with thepayment. The hardware device physically located in the particular zonemay further include imaging devices that capture the vehicle 102 locatedwithin the particular location zone.

FIG. 4 illustrates a flowchart of a process 400 for granting access tothe vehicle according to an example embodiment. The process 400 shown inFIG. 4 begins at operation 402. In 402, a first wireless hardware device216 transmits a first communication. The first wireless hardware device216 may located within, on, or near the vehicle 102. The firstcommunication is sent to the mobile computing device 104 and may bereceived by the mobile computing device 104 when the mobile computingdevice is within a particular distance of the vehicle, e.g., threehundred meters.

In 404, the vehicle 102 receives a second communication in response tothe first communication. The first hardware device 216 receives thesecond communication. The second communication may be sent from a secondwireless hardware device 316 of the mobile computing device 104.

In 406, the vehicle 102 determines an approach vector based on the firstcommunication and the second communication. The approach vector may befor the mobile computing device 104 in relation to the vehicle 102 andmay indicate angle and distance in realtime as the mobile computingdevice 104 approaches the vehicle 102. The vehicle 102 and/or the mobilecomputing device 104 may be moving or stationary. The approach vectormay be based on time of flight and angle of arrival using phasedifference of arrival and time.

In 408, the vehicle compares the approach vector with known approachvectors for the vehicle 102 and transmits a request for biometricauthentication if the approach vector does not appropriately match knownapproach vectors. In one embodiment, the vehicle also may send therequest for biometric authentication if the vehicle is located in aparticular location even if the approach vector is a known approachvector. The location may have a reputation for high crime and/or may beunknown to the vehicle 102 and/or the mobile computing device 104. Theknown approach vectors may be stored in the memory 204, the memory 304,and the memory of the SEP. The request may be sent to the mobilecomputing device 104. In another embodiment, the vehicle 102 may provideaccess and open doors based on the approach vector but may request thebiometric authentication before allowing operation of the vehicle.

In 410, the vehicle 102 receives a response to the request for biometricauthentication. The response may be sent from the mobile computingdevice 104 or the response may be provided directly to the vehicle 102.The response may be a representation of fingerprint information and maybe obtained from a sensor 310 of the mobile computing device 104. A usermay place their finger on a fingerprint sensor of the mobile computingdevice 104 and the mobile computing device 104 may capture arepresentation of the fingerprint. In another embodiment, thefingerprint information may be obtained from a sensor 210 of the vehicle102. The response may include other biometric information. As anexample, the biometric information may be associated with a voice of theuser captured by the sensors 210 and/or sensors 310 or an image of theuser captured by the imaging devices 212 and/or imaging devices 312separate from or in addition to the representation of the fingerprint.The vehicle 102 may perform voice recognition and/or confirm that anaudible password is correct.

In 412, the vehicle 102 grants access based on the approach vector andthe response to the request for biometric authentication. In oneexample, the vehicle may open doors, illuminate lights, and provideother welcome functionality.

In another embodiment from the perspective of the mobile computingdevice 104, the mobile computing device 104 may receive a firstcommunication from a first hardware device associated with a vehicle.The first hardware device may be the wireless hardware device 216. Themobile computing device 104 may transmit a second communication inresponse to the first communication. The second communication may besent by the wireless hardware device 316. After sending the secondcommunication, the mobile computing device 104 may receive anotification from the vehicle 102, the notification comprising a requestfor authentication based on a comparison between an approach vectorbased on the first communication and the second communication and aknown approach vector. Information associated with the notification maybe displayed on the touch screen 308. As an example, the notificationmay indicate that a fingerprint authorization is requested. In addition,the mobile computing device 104 may provide audible or haptic feedbackupon receipt of the notification. The mobile computing device 104 mayreceive a fingerprint using a fingerprint sensor or another type ofauthentication and transmit a response to the request for authenticationand receive access to the vehicle 102 based on the approach vector andthe response to the request for authentication.

Turning to FIG. 5, the vehicle 102 including operational units 502-512arranged to perform various operations of the presently disclosedtechnology is shown. The operational units 502-512 may be provided bythe vehicle authorization application 206 and may communicate with thecomputing device authorization application 306. The operational units502-512 of the vehicle 102 are implemented by hardware or a combinationof hardware and software to carry out the principles of the presentdisclosure. It will be understood by persons of skill in the art thatthe operational units 502-512 described in FIG. 5 may be combined orseparated into sub-blocks to implement the principles of the presentdisclosure. Therefore, the description herein supports any possiblecombination or separation or further definition of the operational units502-512.

In one implementation, the vehicle 102 includes a display unit 502configured to display information, such as a graphical user interface,and a processing unit 504 in communication with the display unit 502 andan input unit 506 configured to receive data from input devices orsystems. Various operations described herein may be implemented by theprocessing unit 504 using data received by the input unit 506 to outputinformation for display using the display unit 502.

Additionally, in one implementation, the vehicle 102 includes unitsimplementing the operations described with respect to FIG. 4. Forexample, the operations 402 and 404 may be implemented by a wirelesscommunication unit 508, and the operations 406, 408, and 410 may beimplemented by an approach vector unit 510. For example, the approachvector unit 510 may include a determination unit for implementing theoperation 406, a comparison unit for implementing the operation 408, anda biometric authentication unit for implementing the operation 410. Thebiometric authentication unit may use a biometric matching engine forreceiving biometric information from the sensors 210, the imagingdevices 212, the sensors 310, and/or the imaging devices 312, andcomparing the biometric information with the information stored in thevehicle memory 204, memory in the processor 202, the information storedin memory 304, and/or the memory in the processor 302. The biometricauthentication unit determines whether the biometric information matchesknown biometric information (e.g., comparing the representation of afingerprint to known fingerprints) and provides a determination of matchor no match. Each known fingerprint may be first stored when an occupantapproaches and/or enters the vehicle 102 or at another time. Thebiometric authentication unit may make the determination based on aparticular location of the vehicle. Additionally, the operation 412 maybe implemented by a vehicle access unit 512 that grants access to thevehicle.

The approach vector unit 510 may include a payment vector unit forcomparing a payment vector and transmitting a request for biometricauthentication to the mobile computing device 104. The payment vectorunit also may determine the location of the vehicle 102, determine thatthe location of the vehicle is within a particular location zone,determine that a wireless communication from the mobile computing device104 is sent from a location within the vehicle 102, transmit a requestfor biometric authentication for payment to the mobile computing device104, and receive a response to the request for biometric authenticationfor payment from the mobile computing device 104. In an additionalexample, the payment vector unit may receive a wireless communicationfrom another computing device associated with the particular locationzone and/or physically located within the particular location zone. Theother computing device may be provided by a merchant.

Referring to FIG. 6, a detailed description of an example computingsystem 600 having computing units that may implement various systems andmethods discussed herein is provided. The computing system 600 may beapplicable to the vehicle 102 and the mobile computing device 104 andother computing or network devices. It will be appreciated that specificimplementations of these devices may be of differing possible specificcomputing architectures not all of which are specifically discussedherein but will be understood by those of ordinary skill in the art.

The computer system 600 may be a computing system that is capable ofexecuting a computer program product to execute a computer process. Dataand program files may be input to the computer system 600, which readsthe files and executes the programs therein. Some of the elements of thecomputer system 600 are shown in FIG. 6, including hardware processors602, data storage devices 604, memory devices 608, and/or ports 608-612.Additionally, other elements that will be recognized by those skilled inthe art may be included in the computing system 600 but are notexplicitly depicted in FIG. 6 or discussed further herein. Variouselements of the computer system 600 may communicate with one another byway of communication buses, point-to-point communication paths, or othercommunication means not explicitly depicted in FIG. 6.

The processor 602 may include, for example, a central processing unit(CPU), a microprocessor, a microcontroller, a digital signal processor(DSP), and/or internal levels of cache. There may be processors 602,such that the processor 602 comprises a single central-processing unit,or multiple processing units capable of executing instructions andperforming operations in parallel with each other, commonly referred toas a parallel processing environment.

The computer system 600 may be a conventional computer, a distributedcomputer, or any other type of computer, such as external computers madeavailable via a cloud computing architecture. The presently describedtechnology is optionally implemented in software stored on the datastored device(s) 604, stored on the memory device(s) 606, and/orcommunicated via the ports 608-612, thereby transforming the computersystem 600 in FIG. 6 to a special purpose machine for implementing theoperations described herein. Examples of the computer system 600 includepersonal computers, terminals, workstations, mobile phones, tablets,laptops, personal computers, multimedia consoles, gaming consoles, settop boxes, and the like.

The data storage devices 604 may include any non-volatile data storagedevice capable of storing data generated or employed within thecomputing system 600, such as computer executable instructions forperforming a computer process, which may include instructions of bothapplication programs and an operating system (OS) that manages thevarious components of the computing system 600. The data storage devices604 may include, without limitation, magnetic disk drives, optical diskdrives, solid state drives (SSDs), flash drives, and the like. The datastorage devices 604 may include removable data storage media,non-removable data storage media, and/or external storage devices madeavailable via a wired or wireless network architecture with suchcomputer program products, including database management products, webserver products, application server products, and/or other additionalsoftware components. Examples of removable data storage media includeCompact Disc Read-Only Memory (CD-ROM), Digital Versatile Disc Read-OnlyMemory (DVD-ROM), magneto-optical disks, flash drives, and the like.Examples of non-removable data storage media include internal magnetichard disks, SSDs, and the like. The memory devices 606 may includevolatile memory (e.g., dynamic random access memory (DRAM), staticrandom access memory (SRAM), etc.) and/or non-volatile memory (e.g.,read-only memory (ROM), flash memory, etc.).

Computer program products containing mechanisms to effectuate thesystems and methods in accordance with the presently describedtechnology may reside in the data storage devices 604 and/or the memorydevices 606, which may be referred to as machine-readable media. It willbe appreciated that machine-readable media may include any tangiblenon-transitory medium that is capable of storing or encodinginstructions to perform any of the operations of the present disclosurefor execution by a machine or that is capable of storing or encodingdata structures and/or modules utilized by or associated with suchinstructions. Machine-readable media may include a single medium ormultiple media (e.g., a centralized or distributed database, and/orassociated caches and servers) that store the executable instructions ordata structures.

In some implementations, the computer system 600 includes ports, such asan input/output (I/O) port 608, a communication port 610, and asub-systems port 612, for communicating with other computing, network,or vehicle devices. It will be appreciated that the ports 608-612 may becombined or separate and that more or fewer ports may be included in thecomputer system 600.

The I/O port 608 may be connected to an I/O device, or other device, bywhich information is input to or output from the computing system 600.Such I/O devices may include, without limitation, input devices, outputdevices, and/or environment transducer devices.

In one implementation, the input devices convert a human-generatedsignal, such as, human voice, physical movement, physical touch orpressure, and/or the like, into electrical signals as input data intothe computing system 600 via the I/O port 608. Similarly, the outputdevices may convert electrical signals received from computing system600 via the I/O port 608 into signals that may be sensed as output by ahuman, such as sound, light, and/or touch. The input device may be analphanumeric input device, including alphanumeric and other keys forcommunicating information and/or command selections to the processor 602via the I/O port 608. The input device may be another type of user inputdevice including, but not limited to: direction and selection controldevices, such as a mouse, a trackball, cursor direction keys, ajoystick, and/or a wheel; sensors, such as a camera, a microphone, apositional sensor, an orientation sensor, a gravitational sensor, aninertial sensor, and/or an accelerometer; and/or a touch-sensitivedisplay screen (“touchscreen”). The output devices may include, withoutlimitation, a display, a touchscreen, a speaker, a tactile and/or hapticoutput device, and/or the like. In some implementations, the inputdevice and the output device may be the same device, for example, in thecase of a touchscreen.

The environment transducer devices convert one form of energy or signalinto another for input into or output from the computing system 600 viathe I/O port 608. For example, an electrical signal generated within thecomputing system 600 may be converted to another type of signal, and/orvice-versa. In one implementation, the environment transducer devicessense characteristics or aspects of an environment local to or remotefrom the computing device 600, such as, light, sound, temperature,pressure, magnetic field, electric field, chemical properties, physicalmovement, orientation, acceleration, gravity, and/or the like. Further,the environment transducer devices may generate signals to impose someeffect on the environment either local to or remote from the examplecomputing device 600, such as, physical movement of some object (e.g., amechanical actuator), heating or cooling of a substance, adding achemical substance, and/or the like.

In one implementation, a communication port 610 is connected to anetwork by way of which the computer system 600 may receive network datauseful in executing the methods and systems set out herein as well astransmitting information and network configuration changes determinedthereby. Stated differently, the communication port 610 connects thecomputer system 600 to communication interface devices configured totransmit and/or receive information between the computing system 600 andother devices by way of wired or wireless communication networks orconnections. Examples of such networks or connections include, withoutlimitation, Universal Serial Bus (USB), Ethernet, Wi-Fi, Bluetooth®,Near Field Communication (NFC), Long-Term Evolution (LTE), and so on.Such communication interface devices may be utilized via thecommunication port 610 to communicate with other machines, eitherdirectly over a point-to-point communication path, over a wide areanetwork (WAN) (e.g., the Internet), over a local area network (LAN),over a cellular (e.g., third generation (3G) or fourth generation (4G))network, or over another communication means. Further, the communicationport 610 may communicate with an antenna for electromagnetic signaltransmission and/or reception. In some examples, an antenna may beemployed to receive Global Positioning System (GPS) data to facilitatedetermination of a location of a machine, vehicle, or another device.

The computer system 600 may include a sub-systems port 612 forcommunicating with systems related to a vehicle to control an operationof the vehicle 102 and/or exchange information between the computersystem 600 and sub-systems of the vehicle. Examples of such sub-systemsof a vehicle, include, without limitation, imaging systems, radar,lidar, motor controllers and systems, battery control, fuel cell orother energy storage systems or controls in the case of such vehicleswith hybrid or electric motor systems, autonomous or semi-autonomousprocessors and controllers, steering systems, brake systems, lightsystems, navigation systems, environment controls, entertainmentsystems, and the like.

In an example implementation, vehicle authorization information andsoftware and other modules and services may be embodied by instructionsstored on the data storage devices 604 and/or the memory devices 606 andexecuted by the processor 602. The computer system 600 may be integratedwith or otherwise form part of a vehicle. In some instances, thecomputer system 600 is a portable device that may be in communicationand working in conjunction with various systems or sub-systems of avehicle.

The system set forth in FIG. 6 is but one possible example of a computersystem that may employ or be configured in accordance with aspects ofthe present disclosure. It will be appreciated that other non-transitorytangible computer-readable storage media storing computer-executableinstructions for implementing the presently disclosed technology on acomputing system may be utilized.

In the present disclosure, the methods disclosed may be implemented assets of instructions or software readable by a device. Further, it isunderstood that the specific order or hierarchy of steps in the methodsdisclosed are instances of example approaches. Based upon designpreferences, it is understood that the specific order or hierarchy ofsteps in the method can be rearranged while remaining within thedisclosed subject matter. The accompanying method claims presentelements of the various steps in a sample order, and are not necessarilymeant to be limited to the specific order or hierarchy presented.

The described disclosure may be provided as a computer program product,or software, that may include a non-transitory machine-readable mediumhaving stored thereon instructions, which may be used to program acomputer system (or other electronic devices) to perform a processaccording to the present disclosure. A machine-readable medium includesany mechanism for storing information in a form (e.g., software,processing application) readable by a machine (e.g., a computer). Themachine-readable medium may include, but is not limited to, magneticstorage medium, optical storage medium; magneto-optical storage medium,read only memory (ROM); random access memory (RAM); erasableprogrammable memory (e.g., EPROM and EEPROM); flash memory; or othertypes of medium suitable for storing electronic instructions.

For the purpose of promoting an understanding of the principles of thepresent disclosure, reference was made to the embodiments illustrated inthe drawings, and specific language was used to describe the same. Itwill, nevertheless, be understood that no limitation of the scope of thedisclosure is thereby intended; any alterations and furthermodifications of the described or illustrated embodiments, and anyfurther applications of the principles of the disclosure as illustratedtherein are contemplated as would normally occur to one skilled in theart to which the disclosure relates.

While the present disclosure has been described with reference tovarious implementations, it will be understood that theseimplementations are illustrative and that the scope of the presentdisclosure is not limited to them. Many variations, modifications,additions, and improvements are possible. More generally, embodiments inaccordance with the present disclosure have been described in thecontext of particular implementations. Functionality may be separated orcombined in blocks differently in various embodiments of the disclosureor described with different terminology. These and other variations,modifications, additions, and improvements may fall within the scope ofthe disclosure as defined in the claims that follow.

What is claimed is:
 1. A method comprising: determining a presence of a vehicle within a location zone associated with a merchant; identifying an order from the merchant, the order associated with the vehicle; sending a request for authentication to a computing device associated with the vehicle, the request for authentication corresponding to the order; receiving a response to the request for authentication from the computing device, the response to the request for authentication based on biometric information of a user associated with the vehicle; and completing the order based on the response to the request for authentication.
 2. The method of claim 1, wherein completing the order includes processing payment for the order in response to receipt of the response to the request for authentication.
 3. The method of claim 1, wherein completing the order includes a delivery of the order to the vehicle.
 4. The method of claim 1, wherein the presence of the vehicle within the location zone is determined based on a notification of an arrival of the vehicle to the location zone.
 5. The method of claim 1, wherein the location zone includes a particular geofence representing a virtual perimeter associated with a defined set of real-world geographic boundaries.
 6. The method of claim 1, wherein the biometric information is captured with at least one sensor.
 7. The method of claim 1, wherein the computing device is a mobile computing device disposed in an interior of the vehicle.
 8. The method of claim 1, wherein the biometric information is obtained based on a previous authentication of a wearable in communication with the computing device and worn by the user.
 9. A system comprising: at least one process of a computing device associated with a vehicle, the at least one processor configured to determine a presence of the vehicle within a location zone associated with a merchant, the vehicle being associated with an order from the merchant; and at least one sensor configured to capture biometric information of a user associated with the vehicle in response to a request for authentication corresponding to the order being received by the computing device, the computing device sending a response to the request for authentication based on the biometric information, the order being completed based on the response to the request for authentication.
 10. The system of claim 9, wherein the at least one sensor includes one or more of a fingerprint sensor, an iris recognition device, an eye vein verification device, a microphone, an imaging device, a seat pressure sensor, a weight sensor, a strain gauge, a pressure sensor, and electrocardiogram (ECG) sensor.
 11. The system of claim 9, wherein the sensor is part of the computing device.
 12. The system of claim 9, wherein the computing device is a mobile computing device located in an interior of the vehicle.
 13. The system of claim 9, wherein the location zone includes a particular geofence representing a virtual perimeter associated with a defined set of real-world geographic boundaries.
 14. One or more tangible non-transitory computer-readable storage media storing computer-executable instructions for performing a computer process on a computing system, the computer process comprising: determining a presence of a vehicle within a location zone; receiving a request for authentication in response to the presence of the vehicle within the location zone; obtaining biometric information of a user associated with the vehicle in response to receipt of the request for authentication; and sending a response to the request for authentication, the response to the request for authentication based on the biometric information of the user associated with the vehicle.
 15. The one or more tangible non-transitory computer-readable storage media of claim 14, wherein the biometric information is captured with at least one sensor.
 16. The one or more tangible non-transitory computer-readable storage media of claim 14, wherein the biometric information is captured based on a communication with a mobile device or a wearable.
 17. The one or more tangible non-transitory computer-readable storage media of claim 14, wherein the location zone includes a particular geofence representing a virtual perimeter associated with a defined set of real-world geographic boundaries.
 18. The one or more tangible non-transitory computer-readable storage media of claim 14, wherein
 19. The one or more tangible non-transitory computer-readable storage media of claim 14, wherein the biometric information is obtained following a prompt presented to the user.
 20. The one or more tangible non-transitory computer-readable storage media of claim 14, further comprising: sending a payment request to a mobile device associated with a second user. 